Asp.NetCore3.1 WebApi 使用Jwt 授权认证使用
2024-08-24 10:19:02
1:导入NuGet包 Microsoft.AspNetCore.Authentication.JwtBearer
2:配置 jwt相关信息
3:在 startUp中
public void ConfigureServices(IServiceCollection services){
#region JWT 认证
services
.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options => {
var jsonmodel = AppJsonHelper.InitJsonModel();
options.TokenValidationParameters = new TokenValidationParameters
{
ValidIssuer = jsonmodel.Issuer,// Configuration["JwtSetting:Issuer"],
ValidAudience = jsonmodel.Audience,// Configuration["JwtSetting:Audience"],
// IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["JwtSetting:SecurityKey"])),
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jsonmodel.TockenSecrete)),
// 默认允许 300s 的时间偏移量,设置为0即可
ClockSkew = TimeSpan.Zero
};
});
#endregion
} //注意需要放在addmvc上面 services.AddMvc(); public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.UseAuthentication();//身份验证
app.UseAuthorization();// 授权
}
4:使用时在Controller /action 上打上特性 [Authorize]
可以单独在Action上打上特性[Authorize] 不需要检查授权认证的话打上特性: [AllowAnonymous]
两个特性类都在如下命名空间下:
using Microsoft.AspNetCore.Authorization;
5:难道后端返回的Tocken,可以在PostMan上面测试,和JWT.io官网上面来测试
6: 发送请求到后端,带上Tocken 如Get ://localhost:5000/user/login
Key value
Authorization Bearer qweTdfdsfsJhdsfd0.fdsfdsgfdsewDDQDD.fdsfdsg***
7:action上面的code
[HttpPost, Route("Login")]
public ApiResult Login(personnel p)
{
ApiResult result = new ApiResult();
try
{
string tockenStr = ZrfJwtHelper.GetTocken(p);
result.data = tockenStr;
result.code = statuCode.success;
result.message = "获取成功!";
}
catch (Exception ex)
{
result.message = "查询异常:" + ex.Message;
}
return result;
} [HttpPost, Route("authTest")]
[Authorize]
[AllowAnonymous]// 跳过授权认证
public ApiResult authTest(string accesTocken)
{
ApiResult result = new ApiResult();
try
{
var info = ZrfJwtHelper.GetTockenInfo(accesTocken);
result.data = info;
result.code = statuCode.success;
result.message = "获取成功!";
}
catch (Exception ex)
{
result.message = "查询异常:" + ex.Message;
}
return result;
}
8:完整的Jwt代码封装
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
namespace ZRFCoreTestMongoDB.Commoms
{
using Microsoft.AspNetCore.Http;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using ZRFCoreTestMongoDB.Model; /// <summary>
/// @auth fengge
/// </summary>
public class ZrfJwtHelper
{
/// <summary>
/// 生成Tocken
/// </summary>
/// <param name="p"></param>
/// <returns></returns>
public static string GetTocken(personnel p)
{
//读取配置文件获得Jwt的json文件信息
var model = AppJsonHelper.InitJsonModel();
string _issuer = model.Issuer;//分发者
string audience = model.Audience;//接受者
string TockenSecrete = model.TockenSecrete;//秘钥 //秘钥
var securityKey = new SigningCredentials(new SymmetricSecurityKey(Encoding.ASCII.GetBytes(TockenSecrete)), SecurityAlgorithms.HmacSha256);
// 設定要加入到 JWT Token 中的聲明資訊(Claims)
//var claims = new List<Claim>();
//// 在 RFC 7519 規格中(Section#4),總共定義了 7 個預設的 Claims,我們應該只用的到兩種!
////claims.Add(new Claim(JwtRegisteredClaimNames.Iss, issuer));
//claims.Add(new Claim(JwtRegisteredClaimNames.Sub, userInfo.UserId)); //Claim
var claims = new Claim[] {
new Claim(JwtRegisteredClaimNames.Sid,p.Uid),
new Claim(JwtRegisteredClaimNames.Iss,_issuer),
new Claim(JwtRegisteredClaimNames.Sub,p.Name),
new Claim("Guid",Guid.NewGuid().ToString("D")),
new Claim("Roleid",p.Roleid.ToString()),
new Claim("Age",p.Age.ToString()),
new Claim("BirthDay",p.BirthDay.ToString())
}; SecurityToken securityToken = new JwtSecurityToken(
issuer: _issuer,
audience: audience,
signingCredentials: securityKey,
expires: DateTime.Now.AddMinutes(),//过期时间
claims: claims
); return new JwtSecurityTokenHandler().WriteToken(securityToken);
} /// <summary>
/// 获取accessTocken
/// </summary>
/// <param name="context"></param>
/// <returns></returns>
public static string GetTockenString(HttpContext context)
{
return context != null ? context.Request.Headers["Authorization"].ToString() : "";
} /// <summary>
/// 解析Jwt生成的 Tocken
/// </summary>
/// <param name="accesTocken"></param>
/// <returns></returns>
public static TockenInfo GetTockenInfo(string accesTocken)
{
try
{
if (accesTocken.Contains("Bearer")) //防止前端传过来的tocken 为待了 Bearer 的字符串
{
accesTocken = accesTocken.Replace("Bearer ", "");
}
var tockHandler = new JwtSecurityToken(accesTocken);
TockenInfo info = new TockenInfo
{
// Age=tockHandler.Claims.FirstOrDefault(c=>c.Type==JwtRegisteredClaimNames.Email)
Uid = tockHandler.Claims.FirstOrDefault(c => c.Type == JwtRegisteredClaimNames.Sid).Value,
Name = tockHandler.Claims.FirstOrDefault(c => c.Type ==JwtRegisteredClaimNames.Sub).Value,//在于自己来定义了,上面生成是和下面获取时Key要一致 Age = tockHandler.Claims.FirstOrDefault(c => c.Type == "Age").Value,
BirthDay = tockHandler.Claims.FirstOrDefault(c => c.Type == "BirthDay").Value,
Roleid = tockHandler.Claims.FirstOrDefault(c => c.Type == "Roleid").Value,
};
return info;
}
catch (Exception ex)
{
throw new Exception("解析Tocken时错误!");
}
}
}
public class TockenInfo
{
public string Uid { get; set; }
public string Name { get; set; }
public string Age { get; set; }
public string BirthDay { get; set; }
public string Roleid { get; set; }
}
}
9:模型实体
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks; namespace ZRFCoreTestMongoDB.Model
{
using System.ComponentModel.DataAnnotations;
[Serializable]
public class personnel
{ [Required(ErrorMessage = "姓名必填")]
[StringLength(maximumLength: , ErrorMessage = "姓名最多是10个字符")]
[MinLength(, ErrorMessage = "姓名长度最少为两个字符")]
public string Name { get; set; } [Range(, , ErrorMessage = "年龄范围为:1-150")]
public int Age { get; set; }
[DataType(DataType.Date, ErrorMessage = "生日不学为日期格式,例如:1998-10-10")]
public DateTime BirthDay { get; set; } [Required(ErrorMessage = "密码必填")]
[StringLength(maximumLength: , MinimumLength = , ErrorMessage = "密码长度最多10位")]
public string Password { get; set; }
public int Roleid { get; set; }
public string Uid { get; set; }
}
}
10:配置内容:
11:测试效果
最新文章
- (十一)WebGIS中要素(Feature)的设计
- Excel学习技巧
- 修改ThinkSNS网站入口
- JAVA WEB中如何让数据库连接对开发人员完全透明?
- 《Java数据结构与算法》笔记-CH4-2用栈实现字符串反转
- 1 前言:WPF之What&;Why
- 推送:腾迅信鸽 VS Bmob
- RecyclerView学习笔记
- Oracle数据库(一)概述、基础与简单操作
- python获取日期加减之后的日期
- hadoop基础操作
- sort()的用法,参数以及排序原理(转载)
- 《NoSQL精粹》读后感
- Java静态数据的初始化
- win 10安装Linux虚拟机教程
- 『TensorFlow』读书笔记_Word2Vec
- Web服务器之Nginx详解(操作部分)
- mysql 索引 create_time 加explain关键字是否走索引
- 一分钟上手, 让 Golang 操作数据库成为一种享受
- java基础65 JavaScript中的Window对象(网页知识)
热门文章
- 僵尸扫描-scapy、nmap
- mysqldump: Got error: 1044: Access denied for user &#39;root&#39;@&#39;%&#39; to database &#39;hhh&#39; when using LOCK TABLES
- Python3-Django-1.开发环境搭建
- The main method caused an error: java.util.concurrent.ExecutionException: org.apache.flink.runtime.client.JobSubmissionException: Failed to submit JobGraph.
- vue基础入门(3)
- 写给程序员的机器学习入门 (七) - 双向递归模型 (BRNN) - 根据上下文补全单词
- .Net Core 集成ExceptionLess分布式日志框架之本地化部署
- Centos 6.4 安装Mplayer 播放器
- Mybatis 报错
- Bash的特性